search

aws / aws-cli

Universal Command Line Interface for Amazon Web Services
Other
15.22k stars 4.06k forks source link

Output of `aws configure sso` is broken when piping through `tee` #6836

Open simonweil opened 2 years ago

simonweil commented 2 years ago

Confirm by changing [ ] to [x] below to ensure that it's a bug:

Describe the bug

When piping the aws configure sso command with tee the output is broken, this happens since version 2.4.19 when the prompt-toolkit was upgraded.

SDK version number

$ aws --version
aws-cli/2.4.18 Python/3.9.12 Darwin/21.4.0 source/x86_64 prompt/off

Platform/OS/Hardware/Device

                 ###                  
               ####                   
               ###                    
       #######    #######             Distro: OS X 12.3
     ######################           Kernel: Darwin
    #####################             Shell: /usr/local/bin/zsh
    ####################              Terminal: xterm-256color iTerm.app
    ####################              CPU: Intel Core i7-1068NG7 CPU @ 2.30GHz
    #####################             Memory: 32 GB
     ######################           
      ####################            
        ################              
         ####     #####

To Reproduce (observed behavior)

$ aws configure sso | tee a.txt
SSO start URL [https://XXXXX.awsapps.com/start]:

                                                        | <-- cursor is now here!

Expected behavior

$ aws configure sso | tee a.txt
SSO start URL [https://XXXXX.awsapps.com/start]: | <-- cursor should be here

Logs/output

$ aws configure sso --debug | tee a.txt
2022-03-31 22:37:26,230 - MainThread - awscli.clidriver - DEBUG - CLI version: aws-cli/2.5.1 Python/3.9.12 Darwin/21.4.0 source/x86_64
2022-03-31 22:37:26,230 - MainThread - awscli.clidriver - DEBUG - Arguments entered to CLI: ['configure', 'sso', '--debug']
2022-03-31 22:37:26,313 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function add_s3 at 0x106e34a60>
2022-03-31 22:37:26,313 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function add_ddb at 0x106a2c940>
2022-03-31 22:37:26,313 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <bound method BasicCommand.add_command of <class 'awscli.customizations.configure.configure.ConfigureCommand'>>
2022-03-31 22:37:26,313 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function change_name at 0x1069c4b80>
2022-03-31 22:37:26,313 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function change_name at 0x1069ccaf0>
2022-03-31 22:37:26,313 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function alias_opsworks_cm at 0x106e49430>
2022-03-31 22:37:26,313 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function add_history_commands at 0x106a7c4c0>
2022-03-31 22:37:26,313 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <bound method BasicCommand.add_command of <class 'awscli.customizations.devcommands.CLIDevCommand'>>
2022-03-31 22:37:26,313 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function add_waiters at 0x106e3e670>
2022-03-31 22:37:26,314 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/Cellar/awscli/2.5.1/libexec/lib/python3.9/site-packages/awscli/data/cli.json
2022-03-31 22:37:26,316 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function resolve_types at 0x106d85280>
2022-03-31 22:37:26,316 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function no_sign_request at 0x106d85dc0>
2022-03-31 22:37:26,316 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function resolve_verify_ssl at 0x106d85d30>
2022-03-31 22:37:26,316 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function resolve_cli_read_timeout at 0x106d85ee0>
2022-03-31 22:37:26,316 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function resolve_cli_connect_timeout at 0x106d85e50>
2022-03-31 22:37:26,316 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <built-in method update of dict object at 0x106ee6440>
2022-03-31 22:37:26,317 - MainThread - awscli.clidriver - DEBUG - CLI version: aws-cli/2.5.1 Python/3.9.12 Darwin/21.4.0 source/x86_64 prompt/off
2022-03-31 22:37:26,317 - MainThread - awscli.clidriver - DEBUG - Arguments entered to CLI: ['configure', 'sso', '--debug']
2022-03-31 22:37:26,317 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function add_timestamp_parser at 0x106e360d0>
2022-03-31 22:37:26,317 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function register_uri_param_handler at 0x10669cb80>
2022-03-31 22:37:26,317 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function add_binary_formatter at 0x106ea7550>
2022-03-31 22:37:26,317 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function no_pager_handler at 0x106697dc0>
2022-03-31 22:37:26,317 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function inject_assume_role_provider_cache at 0x106727700>
2022-03-31 22:37:26,323 - MainThread - botocore.utils - DEBUG - IMDS ENDPOINT: http://169.254.169.254/
2022-03-31 22:37:26,336 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function attach_history_handler at 0x106a7c3a0>
2022-03-31 22:37:26,336 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function inject_json_file_cache at 0x106a25820>
2022-03-31 22:37:26,337 - MainThread - botocore.hooks - DEBUG - Event building-command-table.configure: calling handler <function _add_wizard_command at 0x106ea74c0>
2022-03-31 22:37:26,337 - MainThread - botocore.hooks - DEBUG - Event building-command-table.configure: calling handler <function add_waiters at 0x106e3e670>
2022-03-31 22:37:26,337 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.custom.configure.anonymous: calling handler <awscli.paramfile.URIArgumentHandler object at 0x106f32b50>
2022-03-31 22:37:26,337 - MainThread - botocore.hooks - DEBUG - Event building-command-table.configure_sso: calling handler <function add_waiters at 0x106e3e670>
2022-03-31 22:37:26,338 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.custom.sso.no-browser: calling handler <awscli.paramfile.URIArgumentHandler object at 0x106f32b50>
2022-03-31 22:37:26,338 - MainThread - botocore.hooks - DEBUG - Event process-cli-arg.custom.sso: calling handler <awscli.argprocess.ParamShorthandParser object at 0x1066c6130>
SSO start URL [https://XXXXX.awsapps.com/start]:

                                                        | <-- cursor

Additional context

I use this method in order to catch the profile name generated so I can automatically assign it to AWS_PROFILE env var and all AWS commands will now just work with the role, account and region I just connected to.

This is my nice function for it:

aws-login() {
  unset AWS_PROFILE
  local file_name="/tmp/$$"
  aws configure sso 2>&1 | tee "$file_name"
  export AWS_PROFILE="$(grep "ls \-\-profile" "$file_name" | cut -d" " -f5)"
  \rm "$file_name"
}
kdaily commented 2 years ago

Hello @simonweil,

Thanks for writing! I can confirm the bug you're experiencing, but I do not know the underlying cause from the change to prompt-toolkit. I can say that the use case here is understandable, the solution is a bit fragile. You could determine the profile name ahead of time, and specify it when configuring SSO, like such?

aws configure sso --profile my_profile_name

Then you don't need to determine it after the fact, and can use that name with any of the profile configuration options the AWS CLI provides.

You can even set it first and then configure it:

export AWS_PROFILE=my_profile_name
aws configure sso
simonweil commented 2 years ago

Hi @kdaily, Thank you for the response and acknowledgment.

The short answer is that no, this workaround would not work for me.

The long answer. I manage tens of AWS accounts and growing, each account has several roles with a naming convention that contains the account name and role type (admin, developer, devops, readonly, etc). Each account operates usually on a single region.

When choosing the account, role and region from the aws command, the aws/config file gets populated, meaning the next time I access that account and role I have less to setup (the region) and, more importantly, the aws command sets up the correct profile name giving me the full context in which I'm operating. There is no place for human error in having the context in front of my eyes.

This context is used as policy to populate the title of the terminal tab and on the prompt to minimize the possibility of confusion related to the context in which we operate.

Defining the role myself in advance may cause the situation that the profile name and the context (account & role) differ due to human error and there is no unity within the team, meaning again harder context when working together.

Now, if I'd be working alone the issue wouldn't be as bad as I can make my own conventions but there is an entire team that work together and rely on this feature and function I shared in the original description.

We take many precautions to minimize the human mistake risk and having a context visible, clear and trustworthy is super important.

It's bad enough the accounts and roles appear in random order (#6108) , but now choosing the right account is like rolling a dice and that is very frustrating 😞